Search results for "sårbarhet"
showing 10 items of 62 documents
Resilience in Critical infrastructure within the energy sector of Norway
2021
Master's thesis in Cyber security (IS507) This thesis investigates what are the characteristics of resilience within the energy sector, as well as what are the "best” known practices being used to increase awareness of the employees. By looking at the existing literature and finding differences between how the energy sector in Norway vs other nations approaches resilience. There is a difference in Norway's more decentralized power grid, where many smaller power stations supply energy, compared to other nation with single large power station. This influences how they will approach resilience. The study uses a qualitative research approach, with semi-structured interviews to gather data from …
Sikkert valgsystem over Internett
2001
Masteroppgave i informasjons- og kommunikasjonsteknologi 2001 - Høgskolen i Agder, Grimstad Det har i de siste årene vært en økende interesse for å utvikle sikre valgsystem over Internett. Allerede i 1869 fikk Thomas Edison patent på et elektronisk valg apparat, men det var derimot ingen den gang som ville kjøpe oppfinnelsen hans. Et elektronisk valgsystem må oppfylle en del sikkerhets krav før det kan implementeres i en valgsammenheng. Hovedoppgaven ser på en del grunnleggende ideer for valgprotokoller, og på valgprotokoller som er brukt i eksisterende system i dag. Et ideelt valgsystem inneholder følgende karakteristiske trekk: Anonymitet, Demokrati, Fleksibilitet, Kontrollerbarhet, Mobil…
Middleware for transparent TCP connection migration : masking faulty TCP-based services
2004
Masteroppgave i informasjons- og kommunikasjonsteknologi 2004 - Høgskolen i Agder, Grimstad Mission critical TCP-based services create a demand for robust and fault tolerant TCP communication. Sense Intellifield monitors drill operations on rig sites offshore. Critical TCP-based services need to be available 24 hours, 7 days a week, and the service providers need to tolerate server failure. How to make TCP robust and fault tolerant without modifying existing infrastructure like existing client/server applications, services, TCP stacks, kernels, or operating systems is the motivation of this thesis. We present a new middleware approach, first of its kind, to allow TCP-based services to survi…
Investigating Cloud Access Security Broker In A Healthcare Service : Creating A Cloud Access Security Broker (CASB) Discussion Frame-work For Evaluat…
2021
Master's thesis in Cyber security (IKT523) Covid-19 accentuated the importance of accessible services, causing a major increase in the adoption of cloud services for enterprises. Cloud computing is a new paradigm that promises significant benefits for organizations in healthcare services. However, cloud computing also transforms enterprise architectures and introduces new problems of information security. Decision-makers in a large healthcare service provider need to justify decisions on cloud adoption, but such a task is convoluted given the different views on cloud computing and the potential impact of cyberthreats on critical infrastructures. As a consequence, cloud security controls nee…
Blockchain for Attribute-Based Access Control : A flexible access control scheme with Permission Delegations
2021
Master's thesis in Cyber security (IKT523) Access Control (AC) is a fundamental aspect of modern technology infrastructure. While most primitive versions of AC use an Access Control List (ACL) to represent access, a more versatile variant called Attribute-Based Access Control (ABAC) has quickly become a popular approach to implementing AC due to its flexibility and scalability and enabling cross-domain access. This thesis proposes a Blockchain-based ABAC scheme with delegatable permission tokens through the use of Hyperledger Fabric and Java Web Tokens (JWT). Fabric is used to store various attribute and revocation transactions necessary in an ABAC system, while JWT’s purpose is to delegate…
Detecting Packed PE Files : Executable file analysis for the Windows operating system
2021
Master's thesis in Cyber security (IKT523) Malware authors invent new methods regularly to hide and obfuscate their code. One of these methods is known as packing. An entire program is hidden inside another executable program; however, the hidden program is usually encrypted or obfuscated such that antivirus software cannot detect its real intent without unpacking it. This thesis will look into common PE packers and describe the development of an application used to detect packed PE binaries using static analysis. This thesis is useful for reverse engineers and antivirus developers; it will give some insight into the world of packing binaries, compression methods, and encryption methods. Th…
Tuning Suricata Intrusion Detection System for High Performance on a Single Non-Uniform Memory Access Node
2021
Master's thesis in Cyber security (IKT523) The rapid increase in network capacity poses a challenge in detecting cyber attacks. Suricata is a modern intrusion detection system(IDS) used to monitor network traffic to detect cyberattacks. Telenor is monitoring considerable amounts of network traffic with IDS-servers, commonly referred to as sensors. Occasionally, the traffic load reaches a point where theIDS drops some of the incoming packets, termed packet loss. This is a serious problem, asit can lead to undetected threats. With this in mind, Telenor wants to find out if a lossless detection can be achieved by tuning Suricata for high performance. This can be accomplished by pinning dedicat…
Informasjonssikkerhetsstyring i norsk kommunesektor : En case studie
2021
Master's thesis in Information systems (IS501) Norske kommuner digitaliserer sine tjenester i stadig økende grad, samtidig som trusselbildet fra aktører med ondsinnede intensjoner øker. For å imøtekommedisse truslene og ivareta innbyggernes integritet finnes det ulike styringssystemer for informasjonssikkerhet som enten er anbefalte eller obligatoriske i norsk offentlig sektor. Digitaliseringsdirektoratet peker på at små og mellomstore kommuner har store utfordringer med å praktisere informasjonssikkerhetsstyring. Gjennom en kvalitativ metode, med16 semistrukturerte intervjuer i små og mellomstore kommuner i Norge, har vi forsøkt å finne årsaker til, og mulige løsninger på utfordringene kom…
Teachers’ awareness, knowledge and practice of information security in school
2020
Master's thesis in Information systems (IS501) We found that the teachers in our respondent schools lacked formal training on topics of information security. Most of them did not know what phishing, backdoors and keyloggers are, and many reused passwords across multiple sites. The teachers were also concerned about lacking the knowledge to properly teach their students about information security and netiquette. The principals did not consider information security to be a primary concernand the IT-department employees had varying knowledge of information security.Meanwhile the municipality has been focused on procuring hardware and softwarefor the teachers and students, and ensuring proper u…
Privacy-enhanced network monitoring
2013
Doktorgradsavhandling i informasjons- og kommunikasjonsteknologi, Universitetet i Agder, 2014 This PhD dissertation investigates two necessary means that are required for building privacy-enhanced network monitoring systems: a policy-based privacy or confidentiality enforcement technology; and metrics measuring leakage of private or confidential information to verify and improve these policies. The privacy enforcement mechanism is based on fine-grained access control and reversible anonymisation of XML data to limit or control access to sensitive information from the monitoring systems. The metrics can be used to support a continuous improvement process, by quantifying leakages of private o…